WPA PSK weaknesses are easily exploitable
WPA is slowly replacing WEP in the home. A quick wardrive around my suburban area of Silicon Valley produced some interesting results. On average, using a simple Netgear WG511T card (without external antenna), there were 8 wireless networks within reach. Of these, approximately 60% were using WEP for encryption, 30% were unencrypted and 10% were using WPA. 10% may not sound like a lot, but last year's results were 60% unencrypted and 40% using WEP.
WPA definitely offers stronger security. We have demonstrated this publicly by breaking 128-bit WEP encryption in less than 2 minutes, even when very strong passwords were used.
http://www.pcw.co.uk/personal-computer-world/news/2161974/mcafee-reiterates-wifi-security
http://labs.pcw.co.uk/2006/07/do_you_use_wpa_.html
However, WPA is still vulnerable when a weak Pre-Shared Key (PSK) is used, because eavesdropping on WPA traffic is possible and easy. The hard part is 'cracking' what you have captured. Most consumers and many SMBs do not use an external authentication server; they instead use WPA-PSK (pre-shared key). If the pre-shared key is 'easy' (that is, likely to succumb to a dictionary attack), then it can be broken easily. If it is not, the password may be very, very difficult to crack.
WPA can be a powerful defensive tool, but it must be configured correctly. We also publicly demonstrated how to crack a weak WPA within seconds. With a more powerful dictionary, it may be minutes. With a truly difficult password, it may be many, many years.
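An added example, not from the original post: a pre-deployment check that flags a WPA-PSK passphrase likely to fall to a dictionary attack, and generates a random replacement. The wordlist, the mutation rules and the 80-bit threshold are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Constructed sample wordlist; a real audit would load a large dictionary file.
SAMPLE_WORDLIST = {"password", "letmein", "netgear", "linksys", "wireless"}
# Common character substitutions that dictionary tools undo (illustrative subset).
LEET = str.maketrans("013457@$", "oleastas")
MIN_BITS = 80  # assumed threshold for this example, not a standard


def normalize(passphrase):
    """Reduce a passphrase to the base word a mutated dictionary entry came from."""
    base = passphrase.rstrip(string.digits + string.punctuation)
    return base.lower().translate(LEET)


def naive_bits(passphrase):
    """Upper-bound entropy estimate: length * log2(size of character classes used)."""
    pool = 0
    pool += 26 if any(c.islower() for c in passphrase) else 0
    pool += 26 if any(c.isupper() for c in passphrase) else 0
    pool += 10 if any(c.isdigit() for c in passphrase) else 0
    pool += 33 if any(c in string.punctuation + " " for c in passphrase) else 0
    return len(passphrase) * math.log2(pool) if pool else 0.0


def audit_psk(passphrase):
    """Return a list of findings; an empty list means no weakness was detected."""
    findings = []
    # WPA passphrases are 8 to 63 printable ASCII characters.
    printable = all(32 <= ord(c) <= 126 for c in passphrase)
    if not (8 <= len(passphrase) <= 63 and printable):
        findings.append("format")
    if normalize(passphrase) in SAMPLE_WORDLIST:
        findings.append("dictionary")
    if naive_bits(passphrase) < MIN_BITS:
        findings.append("low-entropy")
    return findings


def generate_psk(length=20):
    """Random passphrase from letters and digits (about 5.95 bits per character)."""
    return "".join(secrets.choice(string.ascii_letters + string.digits) for _ in range(length))


if __name__ == "__main__":
    for candidate in ("password", "P@ssw0rd2006!", generate_psk()):
        print(repr(candidate), audit_psk(candidate) or "ok")
```

The second candidate passes the naive entropy estimate yet is still a dictionary hit once its mutations are undone, which is why length and character mix alone do not make a PSK strong.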
Posted: August 10th, 2006 under Security.